Security Incidents mailing list archives

RE: Nimda et.al. versus ISP responsibility

From: "Jay D. Dyson" <jdyson () treachery net>
Date: Thu, 27 Sep 2001 17:01:23 -0700 (PDT)

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 27 Sep 2001, Greg A. Woods wrote:

I think there is a mid-ground wherein all ISPs are responsible
for both ingress and egress filtering of all traffic on their
network to ensure it is valid traffic (e.g.., making sure that 
customer A cannot inject traffic into the network with a source
IP that doesn't belong to them...nearly eliminating spoofing) 
but stopping short of scanning payloads of packets.


Come on!  Get real!
Any properly formed IP packet is valid traffic!


        With all due respect, you are so horribly misinformed that it's
not even funny.  The original author is quite correct that ISPs are indeed
responsible for ingress and egress filtering in order to diminish the
likelihood of spoofed packets.

        This isn't rocket science.  Anyone claiming that ISPs shouldn't be
taking such steps is either ignorant, misguided, or just plain opposed to
common-sense security practices.  In any case, such people definitely
shouldn't be in charge of any netblock.  They're a hazard to themselves
and the 'net overall.

- -Jay

  (    (                                                         _______
  ))   ))   .-"There's always time for a good cup of coffee."-.   >====<--.
C|~~|C|~~| (>------ Jay D. Dyson - jdyson () treachery net ------<) |    = |-'
 `--' `--'  `--------------- rm -rf /bin/laden ---------------'  `------'

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iQCVAwUBO7OvxrlDRyqRQ2a9AQE1ZAP/cK1D4C0KKXQR8/PSetzVNcuqutr0VovI
5XSKp67+qzXkZZ+fVir52qRrVtT97t1GXm9lAev3lpxBVDr4FSSaU/PnpOga0Mlc
cnSzKL50gNpTJskE19mSLvW4Wq/EfZj6M62YvY/OwIhAKPu22sLtEJN9IVs/BzMm
KNh5hXIcO7c=
=9Evg
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

RE: Nimda et.al. versus ISP responsibility, (continued)
- - - RE: Nimda et.al. versus ISP responsibility Homer Wilson Smith (Sep 27)
- Re: Nimda et.al. versus ISP responsibility Neil Dickey (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Michael B. Morell (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Dave Salovesh (Sep 27)
- RE: Nimda et.al. versus ISP responsibility UMusBKidN (Sep 27)
  - Re: Nimda et.al. versus ISP responsibility robertm (Sep 27)
  - RE: Nimda et.al. versus ISP responsibility Jason Robertson (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Mogull,Rich (Sep 27)
- RE: Nimda et.al. versus ISP responsibility ahoward (Sep 27)
  - RE: Nimda et.al. versus ISP responsibility Greg A. Woods (Sep 27)
    - RE: Nimda et.al. versus ISP responsibility Jay D. Dyson (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Stephen Villano (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Chad Mawson (Sep 27)
- RE: Nimda et.al. versus ISP responsibility UMusBKidN (Sep 27)
  - RE: Nimda et.al. versus ISP responsibility Jonathan Levy (Sep 27)
- Re: Nimda et.al. versus ISP responsibility Brian Cervenka (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Tony Langdon (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Dean Cunningham (Sep 27)
- RE: Nimda et.al. versus ISP responsibility ahoward (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Smith, Mark (Sep 28)